tristan/kdeconnect-kde
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove specific list of ciphers

Browse source 
We can let the system use the full list when negotiating since we no longer
support Android < 5.0
This commit is contained in:
Albert Vaca Cintora 2023-03-04 23:14:31 +01:00
parent 3f03af9383
commit 107dfb9e3d
1 changed files with 0 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
core/backends/lan/lanlinkprovider.cpp
View file

@ -546,15 +546,8 @@ void LanLinkProvider::deviceLinkDestroyed(QObject *destroyedDeviceLink)
void LanLinkProvider::configureSslSocket(QSslSocket *socket, const QString &deviceId, bool isDeviceTrusted) void LanLinkProvider::configureSslSocket(QSslSocket *socket, const QString &deviceId, bool isDeviceTrusted)
{ {
// Setting supported ciphers manually, to match those on Android (FIXME: Test if this can be left unconfigured and still works for Android 4)
QList<QSslCipher> socketCiphers;
socketCiphers.append(QSslCipher(QStringLiteral("ECDHE-ECDSA-AES256-GCM-SHA384")));
socketCiphers.append(QSslCipher(QStringLiteral("ECDHE-ECDSA-AES128-GCM-SHA256")));
socketCiphers.append(QSslCipher(QStringLiteral("ECDHE-RSA-AES128-SHA")));
// Configure for ssl // Configure for ssl
QSslConfiguration sslConfig; QSslConfiguration sslConfig;
sslConfig.setCiphers(socketCiphers);
sslConfig.setLocalCertificate(KdeConnectConfig::instance().certificate()); sslConfig.setLocalCertificate(KdeConnectConfig::instance().certificate());
QFile privateKeyFile(KdeConnectConfig::instance().privateKeyPath()); QFile privateKeyFile(KdeConnectConfig::instance().privateKeyPath());